CVE-2025-36071

Medium CVSS 6.5

Overview

IBM Db2 for Linux, UNIX and Windows (includes DB2 Connect Server) 11.5.0 through 11.5.9 and 12.1.0 through 12.1.2 is vulnerable to a denial of service as the server may crash under certain conditions with a specially crafted query due to improper release of memory resources.

CWE: CWE-772 Published: 2025-07-29T19:15:45.863

Risk analysis

This vulnerability is rated 🟡 MEDIUM.

CVSS: 6.5 (MEDIUM)
Detected tags: dos (tag impact: LOW)

Recommended actions:

Rate limiting, resource quotas and circuit breakers.

Overview

Recommended tools

Tags